Some 70% of web sites are at risk of being hacked, according to research from web security firm Acunetix.

The vendor scanned 3,200 sites belonging to businesses and non-commercial entities to reach its findings. Nearly three quarters of the web sites scanned were found to contain high or medium vulnerabilities, according to the firm, while over 90% of the sites had some form of vulnerability.

Flaws ranged from minor ones such as local path disclosure or directory listing to more serious ones such as cross site scripting (XSS). Acunetix said the average number of vulnerabilities per site was 66.

“The results show clearly that the problem of unsafe web applications is being ignored completely,” said Kevin Vella, vice president of sales and operations of Acunetix.

“These statistics should compel organisations to take a serious look at their security infrastructure,” he said, adding that web application security was “at best overlooked as a fad”.